<?php 
include('includes/confirm.php');
$page_name = home;
require_once 'classes/Mysql.php';
//require_once 'includes/constants.php';
$mysql = New Mysql();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
    <?php include('includes/head.php'); ?>
<body>

<div id="wrapper">
    <?php include('includes/header.php'); ?>
    <?php include('includes/menu.php'); ?>
    
    <div id="page">
		<div id="browse_result">
		Recently Added By Friends:
		<table class="sortable" id=anyid cellpadding="0" cellspacing="0">
			<tr>
				<th>Title</th>
				<th>Type</th>
				<th>Format</th>
				<th>User ID</th>
				<th>Friend First Name</th>
				<th>Added</th>
				<th class="unsortable">Borrow</th>
			</tr>
			<?php
				$query = "SELECT r.id, r.title, u.uname, u.fname, c.added, c.id, f.name, t.name
						FROM user u, resource r, resource_copy c, format f, resource_type t
						WHERE u.id = c.u_id 
						AND c.resource_id = r.id 
						AND r.type_id = t.id
						AND c.format_id = f.id ";
					//User can CAN VIEW copy
							$query .= " AND c.u_id IN (SELECT id1 FROM friend WHERE id2='".$_SESSION['userid']."' AND c.share_level <= view_setting ) ";	
							$query .= "ORDER BY c.added ASC LIMIT 10";	
				//print $query;
				$stmt = $mysql->run_query($query);								
							
				$stmt->bind_result($r_id, $title, $uname, $fname, $added, $c_id, $format, $type);
				$i=1;
				while($stmt->fetch()){
					print "<tr>";
						print "<td>";
							print "<a href=view_resource.php?resource_id=$r_id >";
							print $title;
							print "</a>";
						print "</td>";
						print "<td>$type</td>";
						print "<td>$format</td>";						
						print "<td>";
								print "<a href=user_info.php?uname=$uname>";
								print $uname;
								print "</a>";
							print "</td>";
						print "<td>$fname</td>";
						print "<td>$added</td>";
						print '<td>';
							$mysql2 = new Mysql();
							$query = "SELECT c.id FROM resource_copy c WHERE c.id ='".$c_id."' ";
							$query .= " AND c.u_id IN (SELECT id1 FROM friend WHERE id2='".$_SESSION['userid']."' AND c.share_level <= borrow_setting ) ";
							$stmt2 = $mysql2->run_query($query);
							$stmt2->bind_result($c_id);
							if($stmt2->fetch()){							
								print '<form method="post" action="borrow_copy.php">';
								print "<input type=hidden name='borrow' value='$c_id' />";
								print '<input type="submit" name="borrow_button" value="Borrow"/>';
								print '</form>';
							}
							$stmt2->close();
						print '</td>';
					print "</tr>";
					$i++;
				}
				$stmt->close();
				//echo $result->Get('id1');
				echo "</tr>";
				echo "</table>";
			
			?>
		</table>
		
		
	
		
		
		
		Borrow Requests: <br/>
		<?php 
			$mysql = new Mysql();
			if(isset($_POST['loan'])){				
				$mysql->run_query_string("UPDATE borrow SET status = '1' WHERE id = '".$_POST['borrow_id']."'");
				echo "  Loaned - ";
			}
			if(isset($_POST['deny'])){				
				$mysql->run_query_string("UPDATE borrow SET status = '2' WHERE id = '".$_POST['borrow_id']."'");
				echo " Denyed - ";
			}
			if(isset($_POST['deny']) || isset($_POST['loan'])){
				echo $_POST['title']." to ".$_POST['username'];
			}
		?>
		<table class="sortable" id=anyid cellpadding="0" cellspacing="0">
			<tr>
				<th>Title</th>
				<th>Type</th>
				<th>Format</th>
				<th>User ID</th>
				<th>Friend First Name</th>
				<th>Requested</th>
				<th class="unsortable">Loan</th>
			</tr>
			<?php
				$query = "SELECT r.id, r.title, u.uname, u.fname, b.timestamp, c.id, b.id, f.name, t.name
						FROM user u, resource r, resource_copy c, borrow b, format f, resource_type t
						WHERE u.id = b.user_id 
						AND c.resource_id = r.id 
						AND b.copy_id=c.id 
						AND c.format_id = f.id 
						AND r.type_id = t.id
						AND b.status=0 
						AND c.u_id='".$_SESSION['userid']."'";					
				$query .= " ORDER BY b.id ASC ";	
				//print $query;
				$stmt = $mysql->run_query($query);								
							
				$stmt->bind_result($r_id, $title, $uname, $fname, $requested, $c_id, $b_id, $format, $type);
				$i=1;
				while($stmt->fetch()){
					print "<tr>";
						print "<td>";
							print "<a href=view_resource.php?resource_id=$r_id >";
							print $title;
							print "</a>";
						print "</td>";	
						print "<td>$type</td>";
						print "<td>$format</td>";
						print "<td>";
								print "<a href=user_info.php?uname=$uname>";
								print $uname;
								print "</a>";
							print "</td>";
						print "<td>$fname</td>";
						print "<td>$requested</td>";
						print '<td>';
											
								print '<form method="post" action="">';
								
								print "<input type=hidden name='borrow_id' value='$b_id' />";
								print "<input type=hidden name='username' value='$uname' />";
								print "<input type=hidden name='fname' value='$fname' />";
								print "<input type=hidden name='title' value='$title' />";
								
								print '<input type="submit" name="loan" value="Loan" />';															
								print '<input type="submit" name="deny" value="Deny" />';
								print '</form>';
							
						print '</td>';
					print "</tr>";
					$i++;
				}
				$stmt->close();
				//echo $result->Get('id1');
				echo "</tr>";
				echo "</table>";
			
			?>
		</table>
		
		
		
		Borrowed Items Status: <br>
		<?php 
			$mysql = new Mysql();
			if(isset($_POST['return'])){				
				$mysql->run_query_string("UPDATE borrow SET status = '4' WHERE id = '".$_POST['borrow_id']."'");
				echo "  Returned - ";			
				echo $_POST['title']." to ".$_POST['username'];
			}
		?>
		<table class="sortable" id=anyid cellpadding="0" cellspacing="0">
			<tr>
				<th>Title</th>
				<th>Type</th>
				<th>Format</th>
				<th>User ID</th>
				<th>Friend First Name</th>
				<th>Loaned</th>
				<th class="unsortable">Return</th>
			</tr>
			<?php
				$query = "SELECT r.id, r.title, u.uname, u.fname, b.timestamp, c.id, b.id, f.name, t.name
						FROM user u, resource r, resource_copy c, borrow b, format f, resource_type t
						WHERE u.id = b.user_id 
						AND c.resource_id = r.id 
						AND b.copy_id=c.id 
						AND c.format_id = f.id 
						AND r.type_id = t.id
						AND b.status=1
						AND b.user_id='".$_SESSION['userid']."'";					
				$query .= " ORDER BY b.id ASC ";	
				//print $query;
				$stmt = $mysql->run_query($query);								
							
				$stmt->bind_result($r_id, $title, $uname, $fname, $added, $c_id, $b_id, $format, $type);
				$i=1;
				while($stmt->fetch()){
					print "<tr>";
						print "<td>";
							print "<a href=view_resource.php?resource_id=$r_id >";
							print $title;
							print "</a>";
						print "</td>";	
						print "<td>$type</td>";
						print "<td>$format</td>";
						print "<td>";
								print "<a href=user_info.php?uname=$uname>";
								print $uname;
								print "</a>";
							print "</td>";
						print "<td>$fname</td>";
						print "<td>$added</td>";
						print '<td>';
											
								print '<form method="post" action="">';
								
								print "<input type=hidden name='borrow_id' value='$b_id' />";
								print "<input type=hidden name='username' value='$uname' />";
								print "<input type=hidden name='fname' value='$fname' />";
								print "<input type=hidden name='title' value='$title' />";
								
								print '<input type="submit" name="return" value="Return"/>';
								print '</form>';
							
						print '</td>';
					print "</tr>";
					$i++;
				}
				$stmt->close();
				//echo $result->Get('id1');
				echo "</tr>";
				echo "</table>";
			
			?>
		</table>
		
		
		Items On Loan:	
		<table class="sortable" id=anyid cellpadding="0" cellspacing="0">
			<tr>
				<th>Title</th>
				<th>Type</th>
				<th>Format</th>
				<th>User ID</th>
				<th>Friend First Name</th>
				<th>Loaned</th>
			</tr>
			<?php
				$query = "SELECT r.id, r.title, u.uname, u.fname, b.timestamp, c.id, b.id, f.name, t.name
						FROM user u, resource r, resource_copy c, borrow b, format f, resource_type t
						WHERE u.id = b.user_id 
						AND c.resource_id = r.id 
						AND b.copy_id=c.id 
						AND c.format_id = f.id 
						AND r.type_id = t.id
						AND b.status=1 
						AND c.u_id='".$_SESSION['userid']."'";					
				$query .= " ORDER BY b.id ASC ";	
				//print $query;
				$stmt = $mysql->run_query($query);								
							
				$stmt->bind_result($r_id, $title, $uname, $fname, $added, $c_id, $b_id, $format, $type);
				$i=1;
				while($stmt->fetch()){
					print "<tr>";
						print "<td>";
							print "<a href=view_resource.php?resource_id=$r_id >";
							print $title;
							print "</a>";
						print "</td>";	
						print "<td>$type</td>";
						print "<td>$format</td>";
						print "<td>";
								print "<a href=user_info.php?uname=$uname>";
								print $uname;
								print "</a>";
							print "</td>";
						print "<td>$fname</td>";
						print "<td>$added</td>";
						
					print "</tr>";
					$i++;
				}
				$stmt->close();
				//echo $result->Get('id1');
				echo "</tr>";
				echo "</table>";
			
			?>
		</table>
		
		
		</div>
      </div>
      <!-- end div#content -->
      
      <div style="clear: both; height: 1px"></div>
   
  </div>
  <!-- end div#page -->
    <?php include('includes/footer.php'); ?>
</div> <!-- end div#wrapper -->
</body>
</html>
